<?php
require_once("DBFunctions.php");
$error = -1;

function logIn($email,$password) {
	$db = new DBFunctions;
	$db->connectDB();
	$query = "SELECT User_ID FROM User WHERE Email='".$email."' AND Password='".md5($password)."';";
	$result = $db->query($query);
	if (mysqli_num_rows($result) != 1) {
		$db->closeDB();
		return -1;
	} else {
		session_start();
		$_SESSION['email'] = $email; 
		$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
		$db->closeDB();
		return 1;
	}
}

function logOut() {
	session_start();
	session_destroy();
	return 1;
}

function signUp($email,$password) {
	$db = new DBFunctions;
	$mysqli = $db->connectDB();
	$result = $db->query("call signUp('".$email."','".md5($password)."',@a)");
	$errors = $db->query("SELECT @a");
	if ($errors) {
		while( $line = mysqli_fetch_array( $errors, MYSQL_ASSOC ) ) {
			$error = $line['@a'];
		}
		if ($error != 0) {
			$db->closeDB();
			return -1;
		} else {
			session_start();
			$_SESSION['email'] = $email; 
			$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
			$db->closeDB();
			return 1;
		}
	} else {
		return -1;
	}
}

function showLogIn($error = "", $email = "", $signup = 0) {
	$login = "<div id='darken'></div>";
	$login .= "<div id='login'";
	$err = $error;
	if ($signup) {
		$login .= " class='hidden'>";
		$error = "";
	} else {
		$login .= ">";
	}
		$login .= "<h3>You must login before you can start using this application.</h5>";
		$login .= "<h5 class='error'>".$error."</h5>";
		$login .= '<form id="login_form" name="login_form" action="index.php" method="post">';
			$login .= "<h5>Email </h5>";
			$login .= '<input id="email" type="text" name="email" value="'.$email.'" size="20" />';
			$login .= "<h5>Password </h5>";
			$login .= '<input id="pword" type="password" name="pword" size="20" /><br />';
			$login .= '<input type="submit" value="Log In" />';
		$login .= "</form>";
		$login .= '<h6>Not registered? <a href="#" onclick="$(\'signup\').style.display=\'block\';$(\'login\').style.display=\'none\';">Sign up!</a></h6>';
	$login .= "</div>";
	$login .= "<div id='signup'";
	if (!$signup) {
		$login .= " class='hidden'>";
		$error = "";
	} else {
		$login .= ">";
		$error = $err;
	}
		$login .= "<h3>Please sign up to start using this application.</h5>";
		$login .= "<h5 class='error'>".$error."</h5>";
		$login .= '<form id="signup_form" name="signup_form" action="index.php" method="post">';
			$login .= "<h5>Email </h5>";
			$login .= '<input id="new_email" type="text" name="new_email" value="'.$email.'" size="20" />';
			$login .= "<h5>Password </h5>";
			$login .= '<input id="new_pword" type="password" name="new_pword" size="20" /><br />';
			$login .= '<input type="submit" value="Sign Up" />';
		$login .= "</form>";
		$login .= '<h6>Already registered? <a href="#" onclick="$(\'login\').style.display=\'block\';$(\'signup\').style.display=\'none\';">Log in!</a></h6>';
	$login .= "</div>";
	return $login;	
}

?>